Apple MacOS 10.15.5 Release: MacBook’s Scary Surprise

Apple MacOS 10.15.5 Release: MacBook’s Scary Surprise
Last week saw Apple release MacOS Catalina version 10.15.5; a surprising move so close to the Virtual WWDC later this month and the expected announcement of MacOS 10.16. Nevertheless Tim Cook and his team pushed out the update with a number of security updates, and the addition of the battery health software. The surprises keep…

Last week saw Apple release MacOS Catalina version 10.15.5; a surprising move so close to the Virtual WWDC later this month and the expected announcement of MacOS 10.16. Nevertheless Tim Cook and his team pushed out the update with a number of security updates, and the addition of the battery health software.

The surprises keep on coming, with a ‘supplemental release’ today of 10.15.5 with ‘important security updates’.

TEC-Digital Life-Laptop Innovations

FILE – In this Thursday, Oct. 27, 2016, file photo, a guest looks at the Touch Bar on a MacBook … [+] computer shown in a demo room following the announcement of new products at Apple headquarters, in Cupertino, Calif. Higher-end models of Apple’s MacBook Pro now come with a narrow touch screen above the regular keyboard for quick access to common settings and tasks. (AP Photo/Marcio Jose Sanchez, File)

ASSOCIATED PRESS

Apple’s support pages offer more details on the changes, which have been made to the kernel:

  • Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.5
  • Impact: An application may be able to execute arbitrary code with kernel privileges
  • Description: A memory consumption issue was addressed with improved memory handling.
  • CVE-2020-9859: unc0ver

The nature of the changes and the inclusion of MacOS High Sierra suggests that either something has slipped through the quality control net, or a serious exploit has come to Apple’s attention in the last few days. 

Speculation will no doubt fall on the ‘Sign In With Apple’ flaw which saw Apple pay a $100,00 bounty. Forbes’ Davey Winder:

“With the vulnerability already now patched by Apple on the server-side, Bhavuk Jain published his disclosure of the security shocker on May 30. Although the vulnerability related only to third-party apps which used Sign in with Apple without taking any further security measures, it’s shocking for two reasons.”

Those reasons being the breadth of the attack and what it could open up to a hacker, and Apple’s inability to catch this flaw during testing.

Now read more about the main release of MacOS Catalina 10.15.5…

Read More

Add comment

Your email address will not be published. Required fields are marked *

Go High Radio USA

Latest videos